Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Homeland security is a great idea, but there hasn't been much as far as actual results yet. We need some stats on how many threats they found/evaded, or is there this info available already?

This is a catch 22.

If someone ever where to make a in-depth study on wheter DHS works as intended this report would be classified and not avilable to the general public. If someone found out that DHS can't protect USA against a major terror attack DHS would not want the terrorist to know this.

So you will never know for sure if DHS works or not. That is until someone launch their major terrorist attack off course.

Sorry, but not even a terrorist attack will prove that it works or does not. If they attack and fail, how do we know that security measures wouldn't have stoped them before? New security requirements that worked don't count because we might have implimented them anyway. If they attack and the deparment cannot stop them, then it doens't prove anything since every plan made by man fails in some way.

The above doesn't even account for any terrorists who start planning something and realize before they are

I was just making and observation that you can't necessarily belive DHS is trustworthy and honest when they say something in the line of "We are commited to the task of enhancing security in USA".
There are a lot of good intentions involved but don't trust good intentions when it comes to liberty.

The assumption and constant media attention that DHS is entirely about terrorist threats is probably the biggest PR blunder behind people's lack of faith or even understanding of what DHS actually is. The Government Accounting Office is the research arm of Congress and has a large number of reports on the progress, or lack thereof, of DHS. However, it is not just "we caught three terrorists" as that is not all that is behind DHS, which covers everything from issues of immigration to natural disasters. It is

It is a department more complex than anything ever attempted by any government in history

Please. How about administration of the British Empire? And that's just within the last 400 years. If I had more time, there's others as well--you don't think that the governments of ancient China and Egypt were complex?

psst... If you want to make a comparison between the Department of Homeland Defense and something else, you should probably compare it with the Department of Defense instead of ONE of their buildings (the Pentagon).

There were nearly 150k in troops in Iraq, and 37k in South Korea. I won't even bother going into anything else.

The Department of Defense is *MUCH* larger than the Department of Homeland Security.

Of course, you should never trust any single source of interpretation...

I think you've got it right there. If you care about a story, you should get as much information as possible. Of course, sometimes you can only get biased opinions, but in that case, you can just get a whole lot of opinions, average them out, and come out with at least a little info.

> unless of course you just get the facts and interpret them on your own

The problem is that these "facts" aren't really available. Most of the "facts" you hear aren't entirely true and leave the idea out of context. Where do you find your so-caled facts? Obviously, some places are better than others. CNN, C-Span? Okay, they're not too bad. FOX News, NPR? Might want to try again.

> Yes but the "buyers" asked for the missiles, [...] The US seems to like making criminals.

That's a pretty stupid statement/troll.

So, you should be legally allowed to sell anything you want? It's like saying I should be able to sell weapons-grade plutonium to anyone, but if someone buys it, they're breaking the law & I'm not? Geez, get a clue.

> if the agents asked for the missiles, it becomes entrapment, which would get the case thrown out

I don't think you understand the "rules" of entrapment (most people don't). If a cop goes up to a drug dealer or prostitute & asks for their "services," it is not entrapment. Hell, they don't even have to admit to being a cop if asked (contrary to popular belief). If this was entrapment, the cops would have to both ask for the weapons, on one side, while also acting as the one selling the missiles to

Is anyone else tired of the word "cyber" being applied to anything dealing with computers? "Head of Cybersecurity" sounds like a title that some 13 year-old hax0r would call himself after finally learning how to share his family's broadband internet connection among machines. I find it difficult to take an office seriously if it designates head of "cyber" anything. It's the year 2003, people. Let's just start calling it "the internet."

when it comes to censoring and creating a virtual intranet to replace what we have now, it's easier to pacify moms and pops who think the 'cyber' world is something they could not possibly understand for themselves, so best leave it to the nice government to look after us...

Billy Gibson has suggested that "cyberspace" would be the (first and) last enduring word with the prefix "cyber" in it. Just like everything that was cool used to be "electro-" whatever. After a while, it was just assumed that new devices were electronic. Now it's just assumed that new devices have computers in them. "Cyber" is meaningless and anachronistic.

By the way, some people still don't realize that you can just type the middle part, leave out the www dot and the dot com part, and press CTRL-ENTER. It will automatically assume (default!) that you want a dot com world wide web page.

That's one of the first things I shut off in Mozilla...does it really take you that long to type out the URL (especially when it's been put in once before and autocomplete still knows about it)? Besides, would you want your kid to type in "whitehouse," hit Ctrl-Enter, and

Agreed. "Log on to our website" is utterly ridiculous. So that radio station's already given me an account on their server? Great! You don't log on to websites. You log on to workstations and networks. You visit websites. And "http://" is at the point where it's now implied. Just give us the "www.something.com," and that's all anyone needs.

And can we please enact a law prohibiting people from the deep South from saying "www"? Hearing someone say, "Dubya dubya dubya" makes my fucking ears bleed.

Yes, yes I am tierd of the over use of 'cyber' and while we're complaining the over use of 'geek' is giving true geeks a bad name. Now it's used to describe anyone who knows how to use a computer or any other electronics.

Has anyone else thought about the huge conflict of interest behind having a VP of s security company being the dept of homeland sec director. That's like giving a junky leadership over a needle distribution center... Think about the kickbacks, and deals that'll be pushed towards Symantec... As for the cyber overusage... I'm used to it, and nothing that can be said will help it... the whole hacker is not a cracker bit is sooooo yesterday

The Bussiness software Alliance is applauding the choice. This means we need to keep a close eye on this.

I'm slightly concerned that its someone whos main source of income has been writing anti-virus software for Windows machines. I would doubt that he wakes up each day he hears about a new windows virus and says, that does it, i'm swithcing to linux for better security. He probably also would not really like to see for example, an open source virus program.

And to the extent that he can cast off his "I profit from poor windows security" past, then he would probably see the "paladium" or whatever its called now as the ideal solultion to the widows is a seive problem. And in the HS dept he'll have the clout to make it a national requirement.

the only good thing is it looks like he was a technical person who is well aware of many of the problems in computer security.

Another poster posted a link to a Frontline Interview. Near the bottom is this question and answer:

Q: To make more secure infrastructures, if there's one thing that you would stand up and shout about, what would it be?

A: I think that the emphasis for better security really comes from creating a culture. It's not a technical solution. I believe creating a culture where security is a requirement to do business would probably do more for us than any one piece of technology innovation. If we create the cultur

"Yoran helped to found network scanning company RipTech Inc. of Alexandria, Virginia, in 1998. After RipTech was acquired by antivirus giant Symantec Corp. for $145 million in August 2002, Yoran stayed on as Symantec vice president of worldwide managed security services operations, according to Symantec spokesman Cris Paden."

Anyone care to wager how soon the government starts awarding contracts/grants to Symantec for its exclusive security solution?

Anyone care to wager how soon the government starts awarding contracts/grants to Symantec for its exclusive security solution?

The US government already has contracts with Symantec for network and client security products. They're not exclusive, though. (Yet). For instance, Department of Defense has three different antivirus product vendors from which you can download and install any of several of their products. (Assuming you have admin privs on the machine in question, an unlikely assumption given the str

Oh, great. Let's combine the computer security industry (already famous for making work and money for itself by scaring everyone with over-hyped media attention to every script-kiddy's feeble edit of an existing worm) with the Department of Homeland Security's similar tactics of justifying it's existence, not to mention whatever policies the powers-that-be desire.

Now every blackhat hacker, script kiddy, or other 'cyber'threat is not only his problem but they're all after him and ony computers/websites/etc. that he has or runs. Talk about being setup for failure.

The guy in charge of security at any institution might as well change his name to Snowden.

If you don't recognize this name, Snowden was a character in the Joseph Heller book "Catch 22" He's a gunner in a B-25 who gets shot. The protagonist, Yossarian, goes back to help him, and tells him he'll be fine. Then he opens the kid's jacket and his guts spill out all over the floor. The kid can't see them, so Yossarian keeps trying to comfort him.

I think that choosing a software security and anti-virus expert, rather then someone with a law enforecement background is a good thing. It will hopefully keep the focus of off spying on citizens and might help reduce the number of worms going around right now.

This just in: Our Nation's cyber-fighting department outsourced security implementation to India....who just outsourced 90% to Afghanistan....who just hired on some guy who calls himself 'Ossy bin Laden'....who just finished a 3 month 'pong' marathon in a cave located in an area no-one's heard of....who uses a new personalized OS: Microsoft WindowsXPlode

"He had a weird smirk on his face when they told him he would be in charge of managing cyber-attacks. Upon further clarification, his smile turned to frown when it was revealed to him that he would not actually be creating worms, viruses, or organized DDoS attacks."

So, what, exactly, is the Department of Cybersecurity going to do? Monitor the Internet? Intercept virii? Rubberstamp Microsoft's agenda? Scan your email? Stop spam? Raid the homes of script kiddies? Side with the RIAA vs. 12-year-old girls? I really would like to know what "cybersecurity" entails.

And, fwiw, if the BSA "lauds" him, he can't be all that good news for open source.

If this man has any moral fiber and/or desire to defend privacy rights, it'll quickly be eroded under this administration.

Why am I so damned suspicious and cynical of everything this administration does? Is something wrong with me?

No. The Government is a distinct entity from the People, and, even though it consists of people, we can't forget that people are not infallible in light of money and power. So, it is perfectly natural to be suspicious of an organization made up of people whose power reaches to every corner of the USA. For example, no other organization in the USA can take your wages from you and put you in prison if you refuse. This is why checks and balances are so important, to keep them f

Since we "founded" it, we tend to think it's ours (not me, but the collective "We" that is the USA) and we can tell everyone how to use it. We do the same with Democracy... since we "founded" it, we tend to try to tell everyone else how to use it. We're the know-it-all ex-mechanic down the street that could rebuild your classic Mustang, but can't even diagnose a modern one because we haven't paid much attention for the last 30 years of resting on our laurels. The new fangled parts and additions are a myste

Democracy was invented by the ancient greeks [icpd.org] and "founded" in Europe in modern times, before the US was colonized. And women didn't get equal treatment before the law as early as in European countries [about.com] either. Let's not even go into black and native indian rights (although there are worse offenders there, of course).

I know all of this. That's why "founded" is in quotes. I was being critical of the American Cultural Ego. The prevailing attitude in the US is that we are the inventors and owners of democracy (again, not my particular view) and I was drawing parallels to very similar attitudes that we have about the Internet (and cars and labor unions and...).

Amit Yoran is of course, a VP at Symantec. That would be the same company whose COO, John Schwartz, recently caused a storm [smh.com.au] by calling for laws to make it a criminal offence to share information and tools online which could be used by malicious hackers and virus writers.

Am I alone in putting two and two together and becoming alarmed at the implication?

Am I alone in putting two and two together and becoming alarmed at the implication?

No. There's some guy named Ashcroft, some guy named Cheney and some guy named Bush who are right there with you. Of course they are alarmed that nobody thought of it sooner and that anyone would resist. Oh, and they have minions... You probably don't.

Aha, how little you know! I have about 7 minions. Unfortunately, they do little more than harass me while I'm drinking my tea, because they think it's "cool" to hang out at the coffee shop & annoy people slightly older than them. Evidently, I can't order them to get the hell away from me, but maybe I can get them to overthrow the government. They might be just dumb enough to try, and ignorant enough to succeed. or not.

Amit Yoran is of course, a VP at Symantec. That would be the same company whose COO, John Schwartz, recently caused a storm by calling for laws to make it a criminal offence to share information and tools online which could be used by malicious hackers and virus writers.
Am I alone in putting two and two together and becoming alarmed at the implication?

The more worrying thing (IMHO) was that "The BSA Lauded his Selection." -- so it will it be a criminal offence to
"share information and tools onlin

Amit Yoran is of course, a VP at Symantec. That would be the same company whose COO, John Schwartz, recently caused a storm [smh.com.au] by calling for laws to make it a criminal offence to share information and tools online which could be used by malicious hackers and virus writers.

Am I alone in putting two and two together and becoming alarmed at the implication?

Is it too cynical of me to think that nobody financially connected with an online security company would actually want to limit technology th

Rip-Tech was one of the largest security monitoring firms in the country, I can only see this as a good thing. Besides the goverment already has moved a majority of it's firewalls over to symantec long time ago.

I remebmer when I went to the raptor training 75% of the guys there were goverment types or working on goverment contracts.

I've never heard of this guy, so I just google'd him [google.com], and found all kinds of things, including thisinterview with him [pbs.org] from March 13, 2003, and this brief biography [216.239.57.104]. He is currently vice president of Managed Security Services Operations for Symantec, and previously worked for the U.S. Department of Defense Computer Emergency Response Team (DoD/CERT).

kinda nice to see that the future "Head of Homeland Cybersecurity" at least has a formal c.s. education, and some obvious real-world experience.

I got to witness ISS getting the "dept" involved firsthand with a recent Apache bug...... they decided that Free Operating Systems were not "real vendors" and kept us all out of the loop, so then we all got to find out about the bug with the rest of the public. The few "trusted" parties would have been looking at some treason if they had notified their friends in other affected projects.

Thanks ISS... again. This will be a huge unimprovement. I fear Germany will become the new world center for computer security if these boneheads have their way.

I'm sitting here listening to TechTV's Screensavers, as Leo LaPorte isinterviewing some ex-miliary type hype a book he's written called "Black Ice". Apparently we're about to be overrun by cyberterrorists any second now.

It's sad that my hero LaPorte is taking this crud seriously. The author is strongly Bushifying the notion that the August blackout was caused by Evil Terrorists. Leo is listening with respect.

WHY? What the hell is "cyber" terrorism? Who the hell would waste their time bringing down network

I know this guy. He was a classmate of mine back at the Academy. The guy is sharp. He went from West Point, the Army's academyh, into the Air Force (A handful of people do this each year). I note went out to our class list about his companies sale, which made us all quite jealous.

The thing about West Point is that it drives home a commitment to the Country (Duty, Honor, Country is the School Moto). At least we have someone who stood up, raised his right hand, and swore to support and defend the Constitution. Yes, I am sure he is a savvy business man, but he's as honest as we are going to get.

1) I'm more likely to trust a guy who logged in, as opposed to an AC like you.2) There weren't that many mistakes, and certainly not a "gross number." There weren't even a "gross number" of words in the post.3) I've met plenty of stupid people in the Air Force, although, admittedly, none from West Point. That said, with enough money and "Just enough" skill, you can get through West Point. That "just enough" is probably more than I have, but whatever.4) Just because someone

Thank you for keeping me from replying. I typed in haste and did not proofread. When I reread what had been posted, I was embarrassed by the number of mistakes, but there is no editing after it is posted.

I can't blame a guy for being annoyed an officer wouldn't check his work. But then, I am no longer an officer.

> I can't blame a guy for being annoyed an officer wouldn't check his work. But then, I am no longer an officer.

You might not be able to, since you're a part of it, but I can sure blame him.:) Unless you are saying something detrimental about W.P. or presenting yourself as a representative of such, he has no need to go off on you. Even if he's a S.O., it's not a big deal.Even if an officer does have spelling problems, I don't care. As long as you can get your poin

I listened to Richard Clarke at MIT once. While he was a very fervent advocate of cleaning up security, he lied blatantly and publicly at that presentation. "Carnivore was a bad name and a bad idea, it no longer exists" was flatly known to be false by at least 3 people in the room who had had occasion to be directly aware of *which* little rooms at the local mid-level ISP had the secret equipment, still in use as of the previous week.

He also refused to acknowledge the federal role in crippling security thr

...but this partnership between DHS and CERT makes me feel uneasy. Would you, if you had discovered a security hole in, say, a widely used FS/OSS application, still notify CERT about it? If you have to assume that the first organization they will share the information with is the DHS?

Yes I know, the DHS hasn't done anything so far to earn this level of distrust from me, in fact they seem to be trying to build up trust, but...I'd definitely feel better just contacting security@mylinuxdistribution.com.

The FBI put out cyber-crime recruiting press releases in our city last month. It sounded like reasonable psoitions and pay. However, you have to be under 35 years old and be able to pass a fitness test (run 1.5 miles in under 12 minutes). The newspaper thought the latter would be hard on geeks.

> > I am no more a racist than you are a religious zealot.> Check out the link and see how much of a "zealot" I am. You'll be amused.:)

Reread that statement. He said "I am just as much racist as you are just as much Christian." He went to the link, saw what it was (that you aren't christian) then said that he isn't a racist, using that info. Nice try.

That's a brilliant post coming from someone whose ancestors were undoubtedly immigrants. Remember, genius, Americans are not native to this country. America was founded by people not born in this country with the idea that everyone is welcome, regardless of where you were born.

And you believe to have the insight to accuse others of having a narrow view of the world? If you ask me, anyone who takes the time to slander a group of individuals and express such obvious xenophobia would be a more likely candi